Port forwarding using PCC - help required

RouterOS General
1

I’m having a very hard time getting port forwarding or upnp to work on my current server, right now I’m load balancing 3x adsl lines using pcc, I’ve based it pretty much on the wiki, below are my mangle & nat tables. When enabling upnp I can see it creating alot of rules for ports, but I’ve tried testing them through web-based port checkers and they report them closed. I suspect its due to the load balancing.

add action=accept chain=prerouting disabled=no dst-address=192.168.0.0/24 \
    in-interface=LAN
add action=accept chain=prerouting disabled=no dst-address=192.168.1.0/24 \
    in-interface=LAN
add action=accept chain=prerouting disabled=no dst-address=192.168.3.0/24 \
    in-interface=LAN
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
    no in-interface=LINKDSL3 new-connection-mark=WAN3_LINK3 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
    no in-interface=LINKDSL new-connection-mark=WAN1_LINK1 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
    no in-interface=LINKDSL2 new-connection-mark=WAN2_LINK2 passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
    no dst-address-type=!local in-interface=LAN new-connection-mark=\
	WAN1_LINK1 passthrough=yes per-connection-classifier=\
	both-addresses-and-ports:3/0
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
    no dst-address-type=!local in-interface=LAN new-connection-mark=\
    WAN2_LINK2 passthrough=yes per-connection-classifier=\
    both-addresses-and-ports:3/1
add action=mark-connection chain=prerouting connection-mark=no-mark disabled=\
    no dst-address-type=!local in-interface=LAN new-connection-mark=\
    WAN3_LINK3 passthrough=yes per-connection-classifier=\
    both-addresses-and-ports:3/2
add action=mark-routing chain=prerouting connection-mark=WAN2_LINK2 disabled=\
    no in-interface=LAN new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN3_LINK3 disabled=\
    no in-interface=LAN new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_LINK1 disabled=no \
    new-routing-mark=to_WAN3 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_LINK2 disabled=no \
    new-routing-mark=to_WAN4 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN3_LINK3 disabled=no \
    new-routing-mark=to_WAN1 passthrough=yes




add action=masquerade chain=srcnat disabled=no out-interface=WAN2
add action=masquerade chain=srcnat disabled=no out-interface=WAN3
add action=masquerade chain=srcnat disabled=no out-interface=WAN1
add action=masquerade chain=srcnat disabled=no out-interface=LAN
add action=masquerade chain=srcnat disabled=no out-interface=LINKDSL3
add action=masquerade chain=srcnat disabled=no out-interface=LINKDSL
add action=masquerade chain=srcnat disabled=no out-interface=LINKDSL2
add action=dst-nat chain=dstnat disabled=no dst-port=1000 protocol=udp \
    to-addresses=192.168.0.100 to-ports=11115
add action=dst-nat chain=dstnat disabled=no dst-port=1000 protocol=tcp \
    to-addresses=192.168.0.100 to-ports=11115
2

Help ?

3

Really ? Nobody using PCC for load balancing has needed to do port forwarding ?

4

Try excluding the dst-port from pcc markings.

/ip firewall mangle
add action=mark-connection chain=prerouting comment="port forward" disabled=no dst-port=1000,11115 new-connection-mark=port_forward passthrough=yes protocol=tcp
add action=mark-connection chain=prerouting comment="port forward" disabled=no dst-port=1000,11115 new-connection-mark=port_forward passthrough=yes protocol=udp
add action=mark-packet chain=prerouting comment="port forward" connection-mark=port_forward disabled=no new-packet-mark=port_forward passthrough=no

Place the rules above other mangle rule.